Love Fuel?    Donate

FuelPHP Forums

Ask your question about FuelPHP in the appropriate forum, or help others by answering their questions.
OpAuth Problem
  • l_shafl_shaf 
    if ($num_linked === 0 or \Config::get('opauth.link_multiple_providers') === true)
    {
    	// attach this account to the logged in user
    	$this->link_provider(array(
    		'parent_id'	=> $user_id,
    		'provider' 	=> $this->get('auth.provider'),
    		'uid' 		=> $this->get('auth.uid'),
    		'access_token'	=> $this->get('credentials.token', null),
    		'secret' 	=> $this->get('credentials.secret', null),
    		'expires' 	=> $this->get('credentials.expires', null),
    		'refresh_token'	=> $this->get('credentials.refresh_token', null),
    		'created_at' 	=> time(),
    	));

    	// attachment went ok so we'll redirect
    	return 'linked';
    }

    for that code at packages/auth/classes/auth/opauth
    why i can add same uid with same provider. please fix it and if the code is right. please tell me the reason. I think the condition is still lacking. please add the condition if the uid has been exist no more add query, that's data will be junk data. the same uid with same provider.

    and there is a bug at "credentials". it can't get the token data because "credentials" inside "auth"
    so it must "auth.credentials.token" etc.

    i hope fuelphp version 1.7 at opauth no bugs. :)

    i'm sorry for my english is bad.
  • WanWizardWanWizard
    The "or" is ok.

    That if says "if there is no provider linked, or you allow multiple providers". If there is already a provider linked, and you don't allow multiple, that if evaluates to false.

    In case of multiple providers, it actually means "multiple provider logins". So if enabled, it's perfectly fine to link three different facebook accounts to the same local account.

    And what do you mean by "bug"? This works fine here. Actually, the Ormauth and Opauth examples in the documentation are from one of our working applications.
  • l_shafl_shaf
    the token isn't inserted to database, field token always null because "credentials.token" isn't exist,
    the real data is "auth.credentials.token".

    "So if enabled, it's perfectly fine to link three different facebook accounts to the same local account." in my case not different account. but the same facebook account and the same local user has been added on my database.
  • WanWizardWanWizard
    Ah, ok. That error exists in 1.7 as well, because the Opauth code was backported to 1.6.1. I'll correct that.

    That has no relation to the issue you're experiencing though, the match on provider login happens on uid and provider, it does not use the other fields.

    The problem you probably have it that you try to use an Opauth login while already logged in. In that case the Auth check returns true and you get into the code bit above. This is an application error, you should not present your user with a login option if already logged in. The link_provider() method simply inserts the provider info, it does not check if it is already there (it shouldn't).
  • WanWizardWanWizard
    Accepted Answer
    Fixed the issues (in 1.7/develop, you can backport it to 1.6.1. without problems).

    Also added a delete on the provider table to deal with the duplicate logins you're experiencing (although it is still my opinion it is an application design error).
  • l_shafl_shaf
    framework make other people easy to develop a website.
    so your opinion i think is true, i can check it if i want.

    it will more easy if you develop it with that way for handle. ^_^
    and thanks for your respond
Add a Comment

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Apply for Membership

Categories

In this Discussion